Category Archives: System Administration

Sometimes you prefer not to update a specific package in Linux. This may be because you don’t want to upgrade to a new version with new features but no security updates. Or maybe because upgrading requires a service restart that you want to avoid just yet. This was the case for me recently when a new version of Docker came up and upgrading would have restarted the docker daemon and stopped the running containers.

It is possible to exclude a package from being updated. On Linux RPM systems (RedHat, CentOS, Fedora, etc.) this is the command to install all updates but exclude a specific package (say docker):

Shell

1

sudo yum update--exclude=docker

On Debian-like systems (Debian, Ubuntu, Mint, etc.) it is slightly more convoluted because you need to hold a package first and then upgrade the system

Shell

1

sudo apt-mark hold docker&&sudo apt-getupgrade

and remember to remove the hold when you’re ready to upgrade that package too

I regularly log into different Linux machines on the cloud and find complicated to identify on which machine I am by looking at the bash prompt. In fact, in cloud environments the bash prompt tends to show an ugly internal IP address which I can never memorize. Plus, I always fear to log into the production environment by mistake and run experimental commands intended to be executed in the development environment.

In order to overcome my fears, I put together few lines of bash code to be added at the beginning of ~/.bashrc:

Shell

1

2

3

4

5

6

7

8

9

10

11

12

13

14

# get public IP address

aliasmyip="curl -s http://whatismyip.akamai.com"

# display environment in bash prompt

case$(myip)in

1.2.34.567)PS1="[\u@\h DEV \W]\$ "

;;

1.2.34.568)PS1="[\u@\h STAGE \W]\$ "

;;

1.2.34.569)PS1="[\u@\h LIVE \W]\$ "

;;

*)PS1="[\u@\h OTHER \W]\$ "

;;

esac

Line 2 retrieves the IP address from an external web service and map it to myip. Lines 5-14 modify the bash prompt (PS1) based on the value of myip and each IP address (e.g. 1.2.34.567) is mapped to a string appearing in the prompt (e.g. DEV).

While using cloud services like AWS it sometimes occurs to transfer files from a local machine to a remote server which is only accessible via SSH keys. Linux utilities like rsync and scp come to rescue in this case. Here is an example of how to transfer files via rsync.

First, make sure that the destination folder on the remote server is writeable. If not, log into the remote server and change the permissions, e.g.:

Shell

1

sudo chmod777/home/ec2-user/destination_folder

Then go back to the local machine and transfer the file to the remote machine:

where your_ssh_key.pem is the SSH private key to access the remote server, file.zip is the file to transfer, ec2-user is the user on the remote server, 52.1.234.567 is the IP address of the remote server, and /home/ec2-user/destination_folder is the folder on the remote server where you want to transfer the file to.

rsync is a truly file synchronization tool and comes with lots of options, look at its man page for more examples.

There are lots of GUI utilities to zip and unzip files but sometimes you only have access to the command line on a machine. Linux has different types of data compression formats (.tar, tar.gz, tar.bz2, etc.) but I find the zip utilities easier to use and more compatible with Windows systems. So how do you zip and unzip files from the command line?

First install the zip and unzip packages. If you are on a Debian-based system like Ubuntu:

Shell

1

sudo apt-getinstall-yzip unzip

or if you are on Red Hat/CentOs:

Shell

1

sudo yum install-yzip unzip

The most intuitive way to zip a directory and all its files is to navigate to that folder and zip everything recursively inside the current directory:

Shell

1

zip-rfoo.zip.

To extract the zip file into a given directory (e.g. /tmp), navigate to the directory where the zip file is stored and unzip it with:

A colleague of mine recently asked me to install the Groovy programming language on our Red Hat 6.5 server and to make it accessible to all users. I thought it would be a very straightforward task but a quick search on the Red Hat 6.5 official repositories didn’t return any package for Groovy.

The easiest way to install Groovy manually is via gvm. I followed this procedure to do it:

Log in as root

Shell

1

sudo-i

2. Retrieve the gvm install script and store it in a temporary file

Shell

1

curl–sget.gvmtool.net>/tmp/gvm.sh

3. Make the temporary file executable

Shell

1

chmod+x/tmp/gvm.sh

4. Run the install script

Shell

1

./tmp/gvm.sh

5. Complete the installation as requested at prompt

Shell

1

source"/root/.gvm/bin/gvm-init.sh"

6. Check that gvm is installed (this should return the help message explaining how to use gvm)

Shell

1

gvm help

7. Remove the temporary install script

Shell

1

rm/tmp/gvm.sh

8. Install groovy via gvm

Shell

1

gvm install groovy

9. Select the current version of groovy as default (at the time of writing version 2.4.3) and check that groovy is installed

Every year in March and in October the clock changes in most countries for energy saving purposes. This has the annoying effect of messing up the current time on your server if the timezone is not set properly. Servers in Europe are often set up to UTC time. For example my web hosting provider explicitly says:

Note that any times specified are executed in the timezone of the server, and not your local timezone. Accordingly, you may need to make allowance for this when selecting when to run your cron job. Our servers run in the ‘UTC’ timezone because our client base is global, and it remains constant throughout the year with no changes for daylight saving.

This is a bit annoying for cron jobs as you need to do some calculations in case you want to run them at a specific local time.

Even if you don’t have sudo rights on your server, you can at least modify the time for a given user. For example, to change the timezone for the current user to a local time (e.g. Europe/London) run the following command and add it to your bash_profile to make the change permanent:

Shell

1

export TZ="Europe/London"

If you have full control on your server, you can change the timezone system-wide by symlinking /etc/localtime to the appropriate file in /usr/share/zoneinfo. For example, to set the timezone system-wide to the local time in Paris:

Shell

1

ln-sf/usr/share/zoneinfo/Europe/Paris/etc/localtime

If you run Red Hat/CentOS, you may also need edit /etc/sysconfig/clock in a similar way.

Let’s say you have a new user needing sudo access to a Linux server. How do you grant him/her this great privilege? First, explain to the new user that sudo rights allow to do pretty much anything on a Linux machine – including screwing everything up! – and that with greater power also comes greater responsibilities. Then, follow this procedure:

1. Open the command line

2. Create a new user (e.g. newusername) and add it to group wheel (members of this group have sudo rights):

Shell

1

sudo useradd-Gwheel newusername

3. Set up the password for the new user. First, login as root:

Shell

1

sudo-i

Then set the password for the new user (e.g. newusername):

Shell

1

passwd newusername

Finally exit from root with:

Shell

1

exit

4. Test the newly created user and password by logging in as user newusername: